漏洞标题 CVE-2025-2748: Kentico Xperience CMS - Unauthenticated Stored XSS 漏洞描述 The Kentico Xperience application does not fully validate or filter files uploaded via the multi...

漏洞标题 (CVE-2025-9242) WatchGuard Fireware OS 未授权远程代码执行漏洞 漏洞描述 (CVE-2025-9242) WatchGuard Fireware OS 未授权远程代码执行漏洞 PoC代码 暂无

漏洞标题 CVE-2025-49844: Redis Lua Parser < 8.2.2 - Use After Free 漏洞描述 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an ...

漏洞标题 CVE-2025-34045: WeiPHP 5.0 - Path Traversal 漏洞描述 WeiPHP 5.0 contains a path traversal caused by insufficient input validation of the picUrl parameter in /public/index....

漏洞标题 (CVE-2025-52472) XWiki REST搜索URL HQL注入漏洞（orderField参数） 漏洞描述 (CVE-2025-52472) XWiki REST搜索URL HQL注入漏洞（orderField参数） PoC代码 暂无

漏洞标题 CVE-2025-61882: Oracle E-Business Suite 12.2.3–12.2.14 – Remote Code Execution 漏洞描述 Oracle Concurrent Processing 12.2.3-12.2.14 contains a remote code execution caus...

漏洞标题 CVE-2025-59474: Jenkins Sidepanel - Unauthorized Agent/Queue Exposure 漏洞描述 Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not perform a permission check in th...

漏洞标题 H3C Magic NX系列设备存在远程命令执行漏洞（CVE-2025-2725） 漏洞描述 H3C Magic NX系列设备（包括Magic NX15、Magic NX30 Pro、Magic NX400），以及Magic R系列设备（如MagicR3010）...

漏洞标题 CVE-2025-1562: Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit - Broken Access Control 漏洞描述 The Recover WooCommerc...

漏洞标题 CVE-2025-34040: Zhiyuan OA Platform - Arbitrary File Upload 漏洞描述 An arbitrary file upload vulnerability exists in the Zhiyuan OA platform 5.0, 5.1 - 5.6sp1, 6.0 - 6.1s...

漏洞标题 CVE-2025-60188: Atarim < 4.2.2 - Sensitive Information Exposure 漏洞描述 Vito Peleg Atarim <= 4.2 contains an insertion of sensitive information into sent data vulne...

漏洞标题 CVE-2025-46822: Java-springboot-codebase 1.1 - Arbitrary File Read 漏洞描述 OsamaTaher/Java-springboot-codebase is a collection of Java and Spring Boot code snippets, appl...

漏洞标题 CVE-2025-6204: DELMIA Apriso - Command Injection 漏洞描述 An Improper Control of Generation of Code (code injection / file upload → RCE) vulnerability affecting DELMIA Ap...

漏洞标题 CVE-2025-12139: Integrate Google Drive <= 1.5.3 - Information Disclosure 漏洞描述 File Manager for Google Drive - Integrate Google Drive with WordPress plugin for WordP...

漏洞标题 CVE-2025-5086: Dassault Systèmes DELMIA Apriso (up to 2025) - Insecure Deserialization 漏洞描述 A deserialization of untrusted data vulnerability affecting DELMIA Apriso ...

漏洞标题 CVE-2025-44136: MapTiler Tileserver-php v2.0 - Unauthenticated XSS 漏洞描述 MapTiler Tileserver-php v2.0 contains a reflected XSS caused by unencoded reflection of the GET...